PT-2026-32036 · Mauriceboe · Trek
Published
2026-04-10
·
Updated
2026-04-10
·
CVE-2026-40184
CVSS v3.1
3.7
Low
| AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Trek